Zombies never die: analysis of the latest situation of the large botnet AIRASHI

Intel Name: Zombies never die: analysis of the latest situation of the large botnet AIRASHI

Date of Scan: January 24, 2025

Impact: Medium

Summary:
“Zombies Never Die: Analysis of the Latest Situation of the Large Botnet AIRASHI” discusses the evolution of the AISURU botnet, which launched a large-scale DDoS attack on Steam and Perfect World in August 2024. After halting its activities in September, the botnet was updated and renamed AIRASHI in November 2024. The AIRASHI botnet uses a zero-day vulnerability in Cambium Networks’ cnPilot router, encrypted communication protocols, and an extensive range of IPs across multiple countries to enhance its DDoS capabilities. The botnet has a stable DDoS attack capacity and employs techniques such as HMAC-SHA256 and ChaCha20 encryption to avoid detection. Its command-and-control (CNC) infrastructure is spread across 19 countries, making it difficult to dismantle.
